<!DOCTYPE html>
<html lang="zh-CN">
<head>
  <meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=2">
<meta name="theme-color" content="#222">
<meta name="generator" content="Hexo 7.3.0">
  <link rel="apple-touch-icon" sizes="180x180" href="/images/apple-touch-icon-next.png">
  <link rel="icon" type="image/png" sizes="32x32" href="/images/favicon-32x32-next.png">
  <link rel="icon" type="image/png" sizes="16x16" href="/images/favicon-16x16-next.png">
  <link rel="mask-icon" href="/images/logo.svg" color="#222">

<link rel="stylesheet" href="/css/main.css">

<link rel="stylesheet" href="//fonts.googleapis.com/css?family=ZCOOL XiaoWei:300,300italic,400,400italic,700,700italic&display=swap&subset=latin,latin-ext">
<link rel="stylesheet" href="/lib/font-awesome/css/all.min.css">

<script id="hexo-configurations">
    var NexT = window.NexT || {};
    var CONFIG = {"hostname":"czchenzhan.github.io","root":"/","scheme":"Pisces","version":"7.8.0","exturl":false,"sidebar":{"position":"left","display":"post","padding":18,"offset":12,"onmobile":false},"copycode":{"enable":false,"show_result":false,"style":null},"back2top":{"enable":true,"sidebar":false,"scrollpercent":false},"bookmark":{"enable":false,"color":"#222","save":"auto"},"fancybox":false,"mediumzoom":false,"lazyload":false,"pangu":false,"comments":{"style":"tabs","active":null,"storage":true,"lazyload":false,"nav":null},"algolia":{"hits":{"per_page":10},"labels":{"input_placeholder":"Search for Posts","hits_empty":"We didn't find any results for the search: ${query}","hits_stats":"${hits} results found in ${time} ms"}},"localsearch":{"enable":true,"trigger":"auto","top_n_per_article":10,"unescape":true,"preload":false},"motion":{"enable":true,"async":false,"transition":{"post_block":"fadeIn","post_header":"slideDownIn","post_body":"slideDownIn","coll_header":"slideLeftIn","sidebar":"slideUpIn"}},"path":"./public/search.xml"};
  </script>

  <meta name="description" content="知识点记录&emsp;&emsp;此文用于记录学习 TryHackMe 网站中 Room: Nmap Live Host Discovery 获得的知识点。ƪ(˘⌣˘)ʃ">
<meta property="og:type" content="article">
<meta property="og:title" content="TryHackMe-NmapLiveHostDiscovery">
<meta property="og:url" content="https://czchenzhan.github.io/2025/04/20/TryHackMe-NmapLiveHostDiscovery/index.html">
<meta property="og:site_name" content="陈展的博客">
<meta property="og:description" content="知识点记录&emsp;&emsp;此文用于记录学习 TryHackMe 网站中 Room: Nmap Live Host Discovery 获得的知识点。ƪ(˘⌣˘)ʃ">
<meta property="og:locale" content="zh_CN">
<meta property="og:image" content="https://czchenzhan.github.io/2025/04/20/TryHackMe-NmapLiveHostDiscovery/%E7%BD%91%E6%AE%B5%E5%88%86%E7%B1%BB.png">
<meta property="og:image" content="https://czchenzhan.github.io/2025/04/20/TryHackMe-NmapLiveHostDiscovery/ARP%E6%9F%A5%E8%AF%A2%E6%B5%81%E7%A8%8B.png">
<meta property="og:image" content="https://czchenzhan.github.io/2025/04/20/TryHackMe-NmapLiveHostDiscovery/TCP-IP%E5%B1%82.png">
<meta property="og:image" content="https://czchenzhan.github.io/2025/04/20/TryHackMe-NmapLiveHostDiscovery/%E7%A4%BA%E4%BE%8B%E6%89%AB%E6%8F%8F%E7%BB%93%E6%9E%9C.png">
<meta property="og:image" content="https://czchenzhan.github.io/2025/04/20/TryHackMe-NmapLiveHostDiscovery/ARP%E6%89%AB%E6%8F%8F.png">
<meta property="og:image" content="https://czchenzhan.github.io/2025/04/20/TryHackMe-NmapLiveHostDiscovery/ICMP%E6%89%AB%E6%8F%8F.png">
<meta property="og:image" content="https://czchenzhan.github.io/2025/04/20/TryHackMe-NmapLiveHostDiscovery/TCP%E6%89%AB%E6%8F%8F.png">
<meta property="article:published_time" content="2025-04-19T16:00:00.000Z">
<meta property="article:modified_time" content="2025-09-09T00:40:02.073Z">
<meta property="article:author" content="作者：陈展">
<meta property="article:tag" content="TryHackMe Learning">
<meta name="twitter:card" content="summary">
<meta name="twitter:image" content="https://czchenzhan.github.io/2025/04/20/TryHackMe-NmapLiveHostDiscovery/%E7%BD%91%E6%AE%B5%E5%88%86%E7%B1%BB.png">

<link rel="canonical" href="https://czchenzhan.github.io/2025/04/20/TryHackMe-NmapLiveHostDiscovery/">


<script id="page-configurations">
  // https://hexo.io/docs/variables.html
  CONFIG.page = {
    sidebar: "",
    isHome : false,
    isPost : true,
    lang   : 'zh-CN'
  };
</script>

  <title>TryHackMe-NmapLiveHostDiscovery | 陈展的博客</title>
  






  <noscript>
  <style>
  .use-motion .brand,
  .use-motion .menu-item,
  .sidebar-inner,
  .use-motion .post-block,
  .use-motion .pagination,
  .use-motion .comments,
  .use-motion .post-header,
  .use-motion .post-body,
  .use-motion .collection-header { opacity: initial; }

  .use-motion .site-title,
  .use-motion .site-subtitle {
    opacity: initial;
    top: initial;
  }

  .use-motion .logo-line-before i { left: initial; }
  .use-motion .logo-line-after i { right: initial; }
  </style>
</noscript>

</head>

<body itemscope itemtype="http://schema.org/WebPage">
  <div class="container use-motion">
    <div class="headband"></div>

    <header class="header" itemscope itemtype="http://schema.org/WPHeader">
      <div class="header-inner"><div class="site-brand-container">
  <div class="site-nav-toggle">
    <div class="toggle" aria-label="切换导航栏">
      <span class="toggle-line toggle-line-first"></span>
      <span class="toggle-line toggle-line-middle"></span>
      <span class="toggle-line toggle-line-last"></span>
    </div>
  </div>

  <div class="site-meta">

    <a href="/" class="brand" rel="start">
      <span class="logo-line-before"><i></i></span>
      <h1 class="site-title">陈展的博客</h1>
      <span class="logo-line-after"><i></i></span>
    </a>
      <p class="site-subtitle" itemprop="description">记录点滴</p>
  </div>

  <div class="site-nav-right">
    <div class="toggle popup-trigger">
        <i class="fa fa-search fa-fw fa-lg"></i>
    </div>
  </div>
</div>




<nav class="site-nav">
  <ul id="menu" class="main-menu menu">
        <li class="menu-item menu-item-home">

    <a href="/" rel="section"><i class="fa fa-home fa-fw"></i>首页</a>

  </li>
        <li class="menu-item menu-item-tags">

    <a href="/tags/" rel="section"><i class="fa fa-tags fa-fw"></i>标签</a>

  </li>
        <li class="menu-item menu-item-categories">

    <a href="/categories/" rel="section"><i class="fa fa-th fa-fw"></i>分类</a>

  </li>
      <li class="menu-item menu-item-search">
        <a role="button" class="popup-trigger"><i class="fa fa-search fa-fw"></i>搜索
        </a>
      </li>
  </ul>
</nav>



  <div class="search-pop-overlay">
    <div class="popup search-popup">
        <div class="search-header">
  <span class="search-icon">
    <i class="fa fa-search"></i>
  </span>
  <div class="search-input-container">
    <input autocomplete="off" autocapitalize="off"
           placeholder="搜索..." spellcheck="false"
           type="search" class="search-input">
  </div>
  <span class="popup-btn-close">
    <i class="fa fa-times-circle"></i>
  </span>
</div>
<div id="search-result">
  <div id="no-result">
    <i class="fa fa-spinner fa-pulse fa-5x fa-fw"></i>
  </div>
</div>

    </div>
  </div>

</div>
    </header>

    
  <div class="back-to-top">
    <i class="fa fa-arrow-up"></i>
    <span>0%</span>
  </div>


    <main class="main">
      <div class="main-inner">
        <div class="content-wrap">
          

          <div class="content post posts-expand">
            

    
  
  
  <article itemscope itemtype="http://schema.org/Article" class="post-block" lang="zh-CN">
    <link itemprop="mainEntityOfPage" href="https://czchenzhan.github.io/2025/04/20/TryHackMe-NmapLiveHostDiscovery/">

    <span hidden itemprop="author" itemscope itemtype="http://schema.org/Person">
      <meta itemprop="image" content="/images/avatar.gif">
      <meta itemprop="name" content="作者：陈展">
      <meta itemprop="description" content="欢迎到访">
    </span>

    <span hidden itemprop="publisher" itemscope itemtype="http://schema.org/Organization">
      <meta itemprop="name" content="陈展的博客">
    </span>
      <header class="post-header">
        <h1 class="post-title" itemprop="name headline">
          TryHackMe-NmapLiveHostDiscovery
        </h1>

        <div class="post-meta">
            <span class="post-meta-item">
              <span class="post-meta-item-icon">
                <i class="far fa-calendar"></i>
              </span>
              <span class="post-meta-item-text">发表于</span>

              <time title="创建时间：2025-04-20 00:00:00" itemprop="dateCreated datePublished" datetime="2025-04-20T00:00:00+08:00">2025-04-20</time>
            </span>
              <span class="post-meta-item">
                <span class="post-meta-item-icon">
                  <i class="far fa-calendar-check"></i>
                </span>
                <span class="post-meta-item-text">更新于</span>
                <time title="修改时间：2025-09-09 08:40:02" itemprop="dateModified" datetime="2025-09-09T08:40:02+08:00">2025-09-09</time>
              </span>
            <span class="post-meta-item">
              <span class="post-meta-item-icon">
                <i class="far fa-folder"></i>
              </span>
              <span class="post-meta-item-text">分类于</span>
                <span itemprop="about" itemscope itemtype="http://schema.org/Thing">
                  <a href="/categories/Web-Security/" itemprop="url" rel="index"><span itemprop="name">Web Security</span></a>
                </span>
            </span>

          

        </div>
      </header>

    
    
    
    <div class="post-body" itemprop="articleBody">

      
        <h1 id="知识点记录"><a href="#知识点记录" class="headerlink" title="知识点记录"></a>知识点记录</h1><p>&emsp;&emsp;此文用于记录学习 TryHackMe 网站中 Room: Nmap Live Host Discovery 获得的知识点。ƪ(˘⌣˘)ʃ</p>
<span id="more"></span>

<!-- toc -->

<h2 id="网段、子网与子网掩码"><a href="#网段、子网与子网掩码" class="headerlink" title="网段、子网与子网掩码"></a>网段、子网与子网掩码</h2><p>&emsp;&emsp;<code>网段</code>：一个网段由一个网络地址和一个子网掩码组成；网段的主要作用是将IP地址空间划分成多个小块，分配给多个链接同一路由的主机；网段将其管理的多个主机打包，以便他们在网络中作为一个整体进行管理，以下是网段的分类</p>
<p><img src="/2025/04/20/TryHackMe-NmapLiveHostDiscovery/%E7%BD%91%E6%AE%B5%E5%88%86%E7%B1%BB.png" title="网段分类"></p>
<p>&emsp;&emsp;<code>子网</code>：子网是对网段的细分，如果是做一次类比，网段就好比电脑的 1TB 存储空间，而子网就等同于对这一大块硬盘分为 C&#x2F;D&#x2F;E 区</p>
<p>&emsp;&emsp;<code>子网掩码</code>：子网掩码通过和精确的 IP 作用，找到其链接的网段或子网，其工作原理及示例展示如下</p>
<figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br></pre></td><td class="code"><pre><span class="line"># 比如我现在拥有C类网段 192.168.1.0 =&gt; 共可管理256个IP</span><br><span class="line">1、不使用子网划分，即子网为网段本事：192.168.1.0/24</span><br><span class="line">   /x：该子网的子网掩码为 111……11(x位)000……00(32-x)</span><br><span class="line">2、使用子网划分，比如分为：192.168.1.0/25、192.168.1.128/25</span><br><span class="line">   192.168.1.0/25 =&gt; 192.168.1.0~192.168.1.127</span><br><span class="line">   192.168.1.128/25 =&gt; 192.168.1.128~192.168.1.255</span><br><span class="line"># 子网掩码的工作原理：子网掩码与IP地址进行按位“与”运算，得到子网地址</span><br></pre></td></tr></table></figure>

<p>&emsp;&emsp;显然，越大的网段，比如 10.1.0.0 这类，其可分配的 IP 也更多(10.1.0.0~10.1.255.255)，此时子网可写为 10.1.0.0&#x2F;16</p>
<h2 id="ARP查询"><a href="#ARP查询" class="headerlink" title="ARP查询"></a>ARP查询</h2><p>&emsp;&emsp;<code>ARP简介</code>：又称“地址解析协议”，利用该协议，可以获取同一子网主机的硬件地址(MAC)；需注意的是，<font color="red">ARP查询数据包仅会在链接同一交换机(数据链路层设备)的主机中通信，并不能被路由，无法跨越至其他网络</font></p>
<p>&emsp;&emsp;<code>MAC地址</code>：MAC 地址用于局域网内设备之间的通信。当一个设备想要与另一个设备通信时，它会使用目标设备的 MAC 地址来标识目标；它是一个唯一的标识符，通常与网卡绑定，每个网络设备在出厂时都会被分配一个唯一的 MAC 地址</p>
<p>&emsp;&emsp;<code>ARP查询流程</code>：ARP 查询的流程如下，假设使用主机 computer_A，交换机 Switch 记录的 MAC 地址表如下</p>
<table>
<thead>
<tr>
<th align="center">主机名</th>
<th align="center">MAC地址</th>
</tr>
</thead>
<tbody><tr>
<td align="center">computer_A</td>
<td align="center">00:14:22:01:23:45</td>
</tr>
<tr>
<td align="center">computer_B</td>
<td align="center">00:14:22:01:23:46</td>
</tr>
<tr>
<td align="center">computer_C</td>
<td align="center">00:14:22:01:23:47</td>
</tr>
<tr>
<td align="center">computer_D</td>
<td align="center">00:14:22:01:23:48</td>
</tr>
</tbody></table>
<p><img src="/2025/04/20/TryHackMe-NmapLiveHostDiscovery/ARP%E6%9F%A5%E8%AF%A2%E6%B5%81%E7%A8%8B.png" title="ARP查询流程"></p>
<h2 id="Nmap扫描指定"><a href="#Nmap扫描指定" class="headerlink" title="Nmap扫描指定"></a>Nmap扫描指定</h2><p>&emsp;&emsp;<code>指定扫描IP的四种方式</code>：列表、范围、子网和文件，展示如下</p>
<figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br></pre></td><td class="code"><pre><span class="line">list：MACHINE_IP scanme.nmap.org example.com  =&gt;  扫描3个IP</span><br><span class="line">range：10.11.12.15-20  =&gt;  扫描6个IP</span><br><span class="line">subnet：MACHINE_IP/30  =&gt;  扫描4个IP</span><br><span class="line">file：将扫描的IP以列表形式存储为.txt文件，需使用 nmap -iL filename</span><br></pre></td></tr></table></figure>

<p>&emsp;&emsp;<code>附加项的作用</code>：列举提到的两项如下</p>
<table>
<thead>
<tr>
<th align="center">附件选项</th>
<th align="center">作用</th>
</tr>
</thead>
<tbody><tr>
<td align="center"><code>nmap -sL 扫描IP</code></td>
<td align="center">输出将扫描的主机的详细列表</td>
</tr>
<tr>
<td align="center"><code>nmap -n 扫描IP</code></td>
<td align="center">不对 IP 进行反向 DNS 解析，这导致无法通过 IP 获得主机名</td>
</tr>
</tbody></table>
<h2 id="TCP-IP层协议解析"><a href="#TCP-IP层协议解析" class="headerlink" title="TCP&#x2F;IP层协议解析"></a>TCP&#x2F;IP层协议解析</h2><p>&emsp;&emsp;一图流如下</p>
<p><img src="/2025/04/20/TryHackMe-NmapLiveHostDiscovery/TCP-IP%E5%B1%82.png" title="TCP-IP层"></p>
<p>&emsp;&emsp;<code>扫描所需协议</code>：ARP，同一子网下存活主机扫描；ICMP，进行 ping 操作(可跨越路由操作)；TCP&#x2F;UDP，将特制的数据包发送到常见的 TCP 或 UDP 端口，以检查目标是否会响应</p>
<h2 id="使用ARP进行Nmap扫描"><a href="#使用ARP进行Nmap扫描" class="headerlink" title="使用ARP进行Nmap扫描"></a>使用ARP进行Nmap扫描</h2><p>&emsp;&emsp;<code>使用条件</code>：可使用 sudo 指令，目标与本机处于同一子网中，无需目标在线</p>
<p>&emsp;&emsp;<code>使用语法</code>：sudo nmap -PR -sn MACHINE_IP&#x2F;24</p>
<p>&emsp;&emsp;<code>示例扫描结果</code>：如下图所示</p>
<p><img src="/2025/04/20/TryHackMe-NmapLiveHostDiscovery/%E7%A4%BA%E4%BE%8B%E6%89%AB%E6%8F%8F%E7%BB%93%E6%9E%9C.png" title="示例扫描结果"></p>
<p><img src="/2025/04/20/TryHackMe-NmapLiveHostDiscovery/ARP%E6%89%AB%E6%8F%8F.png" title="ARP扫描"></p>
<p>&emsp;&emsp;<code>一个专用ARP查询的扫描器</code>：称<code>arp-scan</code>，使用指令<code>apt install arp-scan</code>下载，一般使用<code>arp-scan -l</code>，即扫描本地子网上所有有效 IP</p>
<h2 id="使用ICMP进行Nmap扫描"><a href="#使用ICMP进行Nmap扫描" class="headerlink" title="使用ICMP进行Nmap扫描"></a>使用ICMP进行Nmap扫描</h2><p>&emsp;&emsp;<code>使用条件</code>：可使用 sudo 指令，需目标在线，即需目标对 ping 请求进行回复</p>
<p>&emsp;&emsp;<code>使用语法</code>：sudo nmap -PE&#x2F;-PP&#x2F;-PM -sn 扫描IP，<code>-sn</code>表示无需扫描端口</p>
<p><img src="/2025/04/20/TryHackMe-NmapLiveHostDiscovery/ICMP%E6%89%AB%E6%8F%8F.png" title="ICMP扫描"></p>
<h2 id="使用TCP和UDP进行Nmap扫描"><a href="#使用TCP和UDP进行Nmap扫描" class="headerlink" title="使用TCP和UDP进行Nmap扫描"></a>使用TCP和UDP进行Nmap扫描</h2><p>&emsp;&emsp;<code>使用语法</code>：sudo nmap -PS&#x2F;-PA&#x2F;PU[端口号] -sn 扫描IP，端口号默认为 80 端口</p>
<p><img src="/2025/04/20/TryHackMe-NmapLiveHostDiscovery/TCP%E6%89%AB%E6%8F%8F.png" title="TCP扫描"></p>
<p>&emsp;&emsp;<code>一个专用TCP/UDP查询的扫描器</code>：称<code>masscan</code>，使用指令<code>apt install masscan</code>下载，使用语法<code>masscan 扫描网段 -p端口</code></p>
<h2 id="总结-当搬运工了"><a href="#总结-当搬运工了" class="headerlink" title="总结(当搬运工了)"></a>总结(当搬运工了)</h2><table>
<thead>
<tr>
<th align="center">扫描类型</th>
<th align="center">示例命令</th>
</tr>
</thead>
<tbody><tr>
<td align="center">ARP Scan ARP （ARP）扫描</td>
<td align="center"><code>sudo nmap -PR -sn MACHINE_IP/24</code></td>
</tr>
<tr>
<td align="center">ICMP Echo Scan ICMP 回声扫描</td>
<td align="center"><code>sudo nmap -PE -sn MACHINE_IP/24</code></td>
</tr>
<tr>
<td align="center">ICMP Timestamp Scan ICMP 时间戳扫描</td>
<td align="center"><code>sudo nmap -PP -sn MACHINE_IP/24</code></td>
</tr>
<tr>
<td align="center">ICMP Address Mask Scan ICMP 地址掩码扫描</td>
<td align="center"><code>sudo nmap -PM -sn MACHINE_IP/24</code></td>
</tr>
<tr>
<td align="center">TCP SYN Ping Scan TCP 协议 SYN Ping 扫描</td>
<td align="center"><code>sudo nmap -PS22,80,443 -sn MACHINE_IP/30</code></td>
</tr>
<tr>
<td align="center">TCP ACK Ping Scan TCP 协议 ACK Ping 扫描</td>
<td align="center"><code>sudo nmap -PA22,80,443 -sn MACHINE_IP/30</code></td>
</tr>
<tr>
<td align="center">UDP Ping Scan UDP 协议 Ping 扫描</td>
<td align="center"><code>sudo nmap -PU53,161,162 -sn MACHINE_IP/30</code></td>
</tr>
</tbody></table>
<table>
<thead>
<tr>
<th align="center">选择</th>
<th align="center">目的</th>
</tr>
</thead>
<tbody><tr>
<td align="center"><code>-n</code></td>
<td align="center">无 DNS 查找</td>
</tr>
<tr>
<td align="center"><code>-R</code></td>
<td align="center">所有主机的反向 DNS 查找</td>
</tr>
<tr>
<td align="center"><code>-sn</code></td>
<td align="center">仅主机发现</td>
</tr>
</tbody></table>

    </div>

    
    
    

      <footer class="post-footer">
          <div class="post-tags">
              <a href="/tags/TryHackMe-Learning/" rel="tag"># TryHackMe Learning</a>
          </div>

        


        
    <div class="post-nav">
      <div class="post-nav-item">
    <a href="/2025/04/19/TryHackMe-%E6%9D%82%E9%A1%B9/" rel="prev" title="TryHackMe-杂项">
      <i class="fa fa-chevron-left"></i> TryHackMe-杂项
    </a></div>
      <div class="post-nav-item">
    <a href="/2025/04/21/TryHackMe-LinuxPrivilegeEscalation/" rel="next" title="TryHackMe-LinuxPrivilegeEscalation">
      TryHackMe-LinuxPrivilegeEscalation <i class="fa fa-chevron-right"></i>
    </a></div>
    </div>
      </footer>
    
  </article>
  
  
  



          </div>
          

<script>
  window.addEventListener('tabs:register', () => {
    let { activeClass } = CONFIG.comments;
    if (CONFIG.comments.storage) {
      activeClass = localStorage.getItem('comments_active') || activeClass;
    }
    if (activeClass) {
      let activeTab = document.querySelector(`a[href="#comment-${activeClass}"]`);
      if (activeTab) {
        activeTab.click();
      }
    }
  });
  if (CONFIG.comments.storage) {
    window.addEventListener('tabs:click', event => {
      if (!event.target.matches('.tabs-comment .tab-content .tab-pane')) return;
      let commentClass = event.target.classList[1];
      localStorage.setItem('comments_active', commentClass);
    });
  }
</script>

        </div>
          
  
  <div class="toggle sidebar-toggle">
    <span class="toggle-line toggle-line-first"></span>
    <span class="toggle-line toggle-line-middle"></span>
    <span class="toggle-line toggle-line-last"></span>
  </div>

  <aside class="sidebar">
    <div class="sidebar-inner">

      <ul class="sidebar-nav motion-element">
        <li class="sidebar-nav-toc">
          文章目录
        </li>
        <li class="sidebar-nav-overview">
          站点概览
        </li>
      </ul>

      <!--noindex-->
      <div class="post-toc-wrap sidebar-panel">
          <div class="post-toc motion-element"><ol class="nav"><li class="nav-item nav-level-1"><a class="nav-link" href="#%E7%9F%A5%E8%AF%86%E7%82%B9%E8%AE%B0%E5%BD%95"><span class="nav-number">1.</span> <span class="nav-text">知识点记录</span></a><ol class="nav-child"><li class="nav-item nav-level-2"><a class="nav-link" href="#%E7%BD%91%E6%AE%B5%E3%80%81%E5%AD%90%E7%BD%91%E4%B8%8E%E5%AD%90%E7%BD%91%E6%8E%A9%E7%A0%81"><span class="nav-number">1.1.</span> <span class="nav-text">网段、子网与子网掩码</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#ARP%E6%9F%A5%E8%AF%A2"><span class="nav-number">1.2.</span> <span class="nav-text">ARP查询</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#Nmap%E6%89%AB%E6%8F%8F%E6%8C%87%E5%AE%9A"><span class="nav-number">1.3.</span> <span class="nav-text">Nmap扫描指定</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#TCP-IP%E5%B1%82%E5%8D%8F%E8%AE%AE%E8%A7%A3%E6%9E%90"><span class="nav-number">1.4.</span> <span class="nav-text">TCP&#x2F;IP层协议解析</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#%E4%BD%BF%E7%94%A8ARP%E8%BF%9B%E8%A1%8CNmap%E6%89%AB%E6%8F%8F"><span class="nav-number">1.5.</span> <span class="nav-text">使用ARP进行Nmap扫描</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#%E4%BD%BF%E7%94%A8ICMP%E8%BF%9B%E8%A1%8CNmap%E6%89%AB%E6%8F%8F"><span class="nav-number">1.6.</span> <span class="nav-text">使用ICMP进行Nmap扫描</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#%E4%BD%BF%E7%94%A8TCP%E5%92%8CUDP%E8%BF%9B%E8%A1%8CNmap%E6%89%AB%E6%8F%8F"><span class="nav-number">1.7.</span> <span class="nav-text">使用TCP和UDP进行Nmap扫描</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#%E6%80%BB%E7%BB%93-%E5%BD%93%E6%90%AC%E8%BF%90%E5%B7%A5%E4%BA%86"><span class="nav-number">1.8.</span> <span class="nav-text">总结(当搬运工了)</span></a></li></ol></li></ol></div>
      </div>
      <!--/noindex-->

      <div class="site-overview-wrap sidebar-panel">
        <div class="site-author motion-element" itemprop="author" itemscope itemtype="http://schema.org/Person">
  <p class="site-author-name" itemprop="name">作者：陈展</p>
  <div class="site-description" itemprop="description">欢迎到访</div>
</div>
<div class="site-state-wrap motion-element">
  <nav class="site-state">
      <div class="site-state-item site-state-posts">
          <a href="/archives">
          <span class="site-state-item-count">7</span>
          <span class="site-state-item-name">日志</span>
        </a>
      </div>
      <div class="site-state-item site-state-categories">
            <a href="/categories/">
          
        <span class="site-state-item-count">2</span>
        <span class="site-state-item-name">分类</span></a>
      </div>
      <div class="site-state-item site-state-tags">
            <a href="/tags/">
          
        <span class="site-state-item-count">3</span>
        <span class="site-state-item-name">标签</span></a>
      </div>
  </nav>
</div>



      </div>

    </div>
  </aside>
  <div id="sidebar-dimmer"></div>


      </div>
    </main>

    <footer class="footer">
      <div class="footer-inner">
        

        

<div class="copyright">
  
  &copy; 
  <span itemprop="copyrightYear">2025</span>
  <span class="with-love">
    <i class="fa fa-heart"></i>
  </span>
  <span class="author" itemprop="copyrightHolder">作者：陈展</span>
</div>
  <div class="powered-by">由 <a href="https://hexo.io/" class="theme-link" rel="noopener" target="_blank">Hexo</a> & <a href="https://pisces.theme-next.org/" class="theme-link" rel="noopener" target="_blank">NexT.Pisces</a> 强力驱动
  </div>

        








      </div>
    </footer>
  </div>

  
  <script src="/lib/anime.min.js"></script>
  <script src="/lib/velocity/velocity.min.js"></script>
  <script src="/lib/velocity/velocity.ui.min.js"></script>

<script src="/js/utils.js"></script>

<script src="/js/motion.js"></script>


<script src="/js/schemes/pisces.js"></script>


<script src="/js/next-boot.js"></script>




  




  
<script src="/js/local-search.js"></script>













  

  

</body>
</html>
